xun/nixos-config
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

set smb password

Browse source
This commit is contained in:
xunuwu 2025-05-29 22:46:38 +02:00
parent 8b23224b6b
commit 2d61c06946
Signed by: xun
SSH key fingerprint: SHA256:Uot/1WoAjWAeqLOHA5vYy4phhVydsH7jCPmBjaPZfgI
3 changed files with 35 additions and 5 deletions
Download patch file Download diff file Expand all files Collapse all files

16
sys/machines/hopper/lab/samba.nix
View file

@ -1,4 +1,9 @@
{config, ...}: { {
config,
lib,
pkgs,
...
}: {
# only used for samba # only used for samba
users.groups.xun = {}; users.groups.xun = {};
users.users.xun = { users.users.xun = {
@ -27,14 +32,15 @@
"server string" = config.networking.hostName; "server string" = config.networking.hostName;
"hosts allow" = "192.168.50.0/24"; "hosts allow" = "192.168.50.0/24";
"map to guest" = "bad user"; "map to guest" = "bad user";
"passdb backend" = "smbpasswd:${config.sops.secrets.samba-pass.path}";
}; };
transmission = { transmission = {
path = "/var/lib/transmission"; path = "/var/lib/transmission";
browseable = "yes"; browseable = "yes";
"read only" = "yes"; "read only" = "yes";
"guest ok" = "no"; "guest ok" = "no";
"create mask" = "0664"; "create mask" = "0660";
"directory mask" = "0775"; "directory mask" = "0770";
}; };
vault = { vault = {
path = "/srv/vault"; path = "/srv/vault";
@ -61,8 +67,8 @@
browseable = "yes"; browseable = "yes";
"read only" = "no"; "read only" = "no";
"guest ok" = "no"; "guest ok" = "no";
"create mask" = "0666"; "create mask" = "0660";
"directory mask" = "0777"; "directory mask" = "0770";
"force user" = "media"; "force user" = "media";
"force group" = "media"; "force group" = "media";
}; };

5
sys/profiles/secrets/hopper/default.nix
View file

@ -41,5 +41,10 @@
owner = "roblox-playtime"; owner = "roblox-playtime";
group = "roblox-playtime"; group = "roblox-playtime";
}; };
samba-pass = {
format = "binary";
sopsFile = ./samba-pass;
mode = "0600";
};
}; };
} }

19
sys/profiles/secrets/hopper/samba-pass Normal file
View file

@ -0,0 +1,19 @@
{
"data": "ENC[AES256_GCM,data:kkJygi1K4ZHjM+VfVMTVTNBxhPBijWtP3au7zcx1rjqjFTLT5vdPdKBaMOM9G3qLjpjqet7webyu8u/GhYopjWowsS8ixwirhC0MJXpnemA9BRYUqZRc0rVHcUkNDsqGncd5SA==,iv:Vhi2V8MGnGz1EfS6ZYPjS1ffhqVLj/XMf/gWf8YYlAM=,tag:vK1izGpNaaaA+U4lLUDAtA==,type:str]",
"sops": {
"age": [
{
"recipient": "age17pdqkpfh6kc6wm7gxzdnwf6vphlwddv9yfpdu3j76e24y3amd9tq3avfc8",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBJK1V3YkcvZUY5SWpRcjNv\nQXNvS2pyNDJocDlrWWR5dm15cXJLd1ZnRXdrCm9VVHF3dzRmT2pjbGl4aGJNZlJB\naTJNaDZFS0dZOWdRNUszZXRVcktHZHcKLS0tIGZ5V2d2QWZGSFBiTi9aa1lCZVgy\nTG9HMVRLaEtUbmFSRTZ5NjFRRmp6ZEUKIEdWVooN7oEsPXm5xhq0OIqRgbTofxer\nFki4heCRtOJFVd2ee7eI5LC8goNT/KjXLX0kj/HPIAHKehq/rNcWBQ==\n-----END AGE ENCRYPTED FILE-----\n"
},
{
"recipient": "age1e9nhfwfcg9krc03re4fwh0wu0cwf6jq4js5vfn26hcdqc2apgdes98fea7",
"enc": "-----BEGIN AGE ENCRYPTED FILE-----\nYWdlLWVuY3J5cHRpb24ub3JnL3YxCi0+IFgyNTUxOSBUeGFTNDVidCtnUzFmelEy\nTFR1a1EzQVN5RVh6Tm9oNEhoMitzN0hZMkdRCnJTYXBicHZkR3RIR0tVeGVPN2xJ\nNXFwN0tHTGozRzNSNlRXVFAxRlUzTHMKLS0tIGwxaEJSVGxRclBHak1xMzVrQU1Z\nYnhaMVp5MStGOGtkWm5jNmxUUWp1aVEKBmq9CPCqGOIDT6dFm9vqSx/pxtmdOuXo\n2Gn4mOPSCU74EuOUDW7RdEWkLHDYUMB1himxZpWXPlYYnRKzBAfQqw==\n-----END AGE ENCRYPTED FILE-----\n"
}
],
"lastmodified": "2025-05-29T20:45:45Z",
"mac": "ENC[AES256_GCM,data:ztcpvpqejP2E2AjDfgZHfkdCFIPJmNLbfoy5DVWO5fE+kF/kNQu3+bsgP9UHVsCvMlKjSCdTMxeBt1pV2s5jkStZSxq4sQ5zUtjeNq8SMhVH1fvj8JRTpgNcwZ4MHeHOALKRQBELYLBfJqg2/u2TnxCZigiQwZf3pAw6J6wRoK0=,iv:zpqguOWAouPtj5K1tHe8/ugmWVha2ztogErsG/LC4Aw=,tag:aIc1Ey74CCJLPM0IwZ3gNQ==,type:str]",
"unencrypted_suffix": "_unencrypted",
"version": "3.10.2"
}
}